package com.sinog.auth.config.xss;

import java.util.Objects;

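/**
 * XSS utility class: strips a few script-related patterns from a string and
 * encodes a small set of HTML-significant characters as character references.
 *
 * <p>Security note: this is a denylist plus partial encoding, not a complete
 * XSS defence. Only {@code < > ( ) '} are encoded; {@code &} and {@code "} pass
 * through unchanged, so the result is not safe to place in a double-quoted
 * attribute, a URL, or a script context. Denylist patterns are also easy to
 * miss through case or encoding variants. Treat this as defence in depth and
 * apply context-aware output encoding where the value is rendered.
 *
 * @author lzq
 * @date 2021-07-26 12:29
 */
public final class XssUtil {

    /**
     * Cleans a single value.
     *
     * <p>Pattern removal runs on the raw input, before encoding. If encoding ran
     * first, the patterns could never match: they look for literal {@code <},
     * {@code (} and {@code '}, which encoding replaces. Anything left over from a
     * removal is still encoded afterwards.
     *
     * @param value the raw value; may be {@code null}
     * @return {@code null} if {@code value} is {@code null}, otherwise the cleaned
     *         value, which contains none of the characters {@code < > ( ) '}
     */
    static String cleanXss(String value) {
        if (value == null) {
            return null;
        }

        // Customize the patterns and characters to filter here.

        // 1. Denylist removal on the raw input.
        String cleaned = value.replace("<script>", "");
        // The parentheses are escaped so that only a real "eval(...)" call is removed.
        // Unescaped, the pattern deleted everything from any "eval" substring to the
        // end of the line (e.g. "medieval town" became "medi"). The reluctant
        // quantifier stops at the first closing parenthesis to limit data loss.
        cleaned = cleaned.replaceAll("eval\\((.*?)\\)", "");
        // \s* (optional whitespace) replaces the former [s]*, which only matched the
        // letter 's'. A quoted javascript: URI is replaced with an empty quoted string.
        cleaned = cleaned.replaceAll("[\"']\\s*javascript:(.*)[\"']", "\"\"");

        // 2. Encode HTML-significant characters. The references contain no embedded
        //    space ("&lt;", not "& lt;"), so a browser renders the original
        //    character instead of showing the reference text verbatim.
        //    String.replace is literal, so no regex escaping is needed.
        // NOTE(review): '&' and '"' are intentionally left as the original had them;
        // confirm how callers render this value before relying on it.
        return cleaned
                .replace("<", "&lt;")
                .replace(">", "&gt;")
                .replace("(", "&#40;")
                .replace(")", "&#41;")
                .replace("'", "&#39;");
    }
}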